CVE-2007-2926 Information
Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator when generating DNS query IDs while answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query ID and perform DNS cache poisoning.
Reference
ftp://aix.software.ibm.com/aix/efixes/security/README
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
http://docs.info.apple.com/article.html?artnum=307041
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
http://marc.info/?l=bugtraq&m=141879471518471&w=2
http://secunia.com/advisories/26148
http://secunia.com/advisories/26152
http://secunia.com/advisories/26160
http://secunia.com/advisories/26180
http://secunia.com/advisories/26195
http://secunia.com/advisories/26217
http://secunia.com/advisories/26227
http://secunia.com/advisories/26231
http://secunia.com/advisories/26236
http://secunia.com/advisories/26261
http://secunia.com/advisories/26308
http://secunia.com/advisories/26330
http://secunia.com/advisories/26509
http://secunia.com/advisories/26515
http://secunia.com/advisories/26531
http://secunia.com/advisories/26605
http://secunia.com/advisories/26607
http://secunia.com/advisories/26847
http://secunia.com/advisories/26925
http://secunia.com/advisories/27643
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1
http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
http://www.debian.org/security/2007/dsa-1341
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/252735
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149
http://www.novell.com/linux/security/advisories/2007_47_bind.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html
http://www.redhat.com/support/errata/RHSA-2007-0740.html
http://www.securiteam.com/securitynews/5VP0L0UM0A.html
http://www.securityfocus.com/archive/1/474516/100/0/threaded
http://www.securityfocus.com/archive/1/474545/100/0/threaded
http://www.securityfocus.com/archive/1/474808/100/0/threaded
http://www.securityfocus.com/archive/1/474856/100/0/threaded
http://www.securityfocus.com/bid/25037
http://www.securityfocus.com/bid/26444
http://www.securitytracker.com/id?1018442
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385
http://www.trusteer.com/docs/bind9dns.html
http://www.trusteer.com/docs/bind9dns_s.html
http://www.trustix.org/errata/2007/0023/
http://www.ubuntu.com/usn/usn-491-1
http://www.us-cert.gov/cas/techalerts/TA07-319A.html
http://www.vupen.com/english/advisories/2007/2627
http://www.vupen.com/english/advisories/2007/2662
http://www.vupen.com/english/advisories/2007/2782
http://www.vupen.com/english/advisories/2007/2914
http://www.vupen.com/english/advisories/2007/2932
http://www.vupen.com/english/advisories/2007/3242
http://www.vupen.com/english/advisories/2007/3868
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575
https://issues.rpath.com/browse/RPL-1587
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10293
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2226